gosthopper

Overview ¶

 /\_/\
( 0.0 )
 = ^ =
 /|_|\
(") (")=~

~= GOSTHopper =~

Implementation of block cipher Kuznyechik, GOST R 34.12-2015 ¶

Author: Alexander Venedioukhin, dxdt.ru Date: 17/02/2019 Free software, distribution unlimited.

Supplementary files:

docipher.go
docipher_amd64.go
docipher_amd64.s

Kuznyechik is 128-bit block cipher with keys of 256 bits, standardized in 2015 as GOST R 34.12-2015 (Russian Federation National Standard).

This is example implementation in Go using assembly for x64/amd64 platform. It runs very fast on this platform.

For other platforms - there is universal implementation in more or less pure Go included. It means, that on platforms different from x64/amd64 compiled code will be orders of magnitude slower (100 times or so).

See gosthopper_amd64.s for assembly.

This version implements standard interface for crypto/cipher package. Particularly - with GCM module.

General usage: c, err := NewCipher(key) - creates and initializes new instance with key given. Returns cipher.Block with Kuznyechik; c.Encrypt(dst,src), c.Decrypt(dst,src) - block encryption and decryption methods;

gosthopper.DoEncrypt(block, round_keys) - cipher encrypt procedure, low level; gosthopper.DoDecrypt(block, round_keys) - cipher decrypt procedure, low level.

There are simple counter mode functions:

gosthopper.CMEncrypt(nonce_iv, key, plain_text); gosthopper.CMDecrypt(nonce_iv, key, cipher_text);

nonce_iv is a counter initial state, it will be incremented for each block. The same value must be set for successful decryption. In counter mode nonce_iv must be never reused with the same key for encryption.

To use in GCM mode of operation: --- import "crypto/cipher"

kCipher, err := NewCipher(key) kuznyechikGCM, err := cipher.NewGCM(kCipher) [...] kuznyechikGCM.Seal(...), kuznyechikGCM.Open(...) ---

Other functions: gosthopper.InitCipher() - initializes (computes values) in-memory lookup tables needed for encryption/decryption;

More usage examples: --- gosthopper.InitCipher() RoundKeys = gosthopper.StretchKey(MainKey) CipherText = gosthopper.DoEncrypt(PlainText, RoundKeys) DecRoundKeys = gosthopper.GetDecryptRoundKeys(RoundKeys) PlainText = gosthopper.DoDecrypt(CipherText, DecryptRoundKeys)) ---

Kuznyechik or Kuznechik (Grasshopper in Russian) cipher is based on substitution-permutation network and use Feistel cipher to derive round keys. This implementation uses a precomputed lookup tables of transformations and cipher assembly implementation (amd64) to speed up encryption and decryption process.

Reference: C implementation - https://github.com/mjosaarinen/kuznechik/ SAGE implementation - https://github.com/okazymyrov/kuznechik/ Cipher informational RFC 7801 - https://tools.ietf.org/html/rfc7801

Modified Copyright (c) 2020 BI.ZONE LLC.